>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

PSS-07Confidentiality of Authentication Information

>Control Description

If passwords are used as authentication information for the cloud service, their confidentiality is ensured by the following procedures: • Users can initially create the password themselves or must change an initial password when logging in to the cloud service for the first time. An initial password loses its validity after a maximum of 14 days. • When creating passwords, compliance with the length and complexity requirements of the Cloud Service Provider (cf. IDM-09) or the cloud customer is technically enforced. • The user is informed about changing or resetting the password. • The server-side storage takes place using state-of-the-art cryptographically strong hash functions in combination with at least 32-bit long salt values. Additional criteria: -

Ask AI

Configure your API key to use AI features.